SonicWall NSa Reviews

I like that you can run a packet capture from within SonicWall and configure it to automatically upload the packet captures to an FTP server. This is useful when trying to troubleshoot an intermittent issue. It can capture for as long as you have disk space on the FTP server.

We are more aware of security issues since SonicWall can be configured to send e-mail alerts. Server-side Outlook rules and Exchange transport rules (more informational subject lines) can be helpful in sorting and making sense of the many alerts it can generate. We have also configured it to send logs to a syslog server. They also offer SonicWall Analyzer which can reportedly be very helpful when viewing logs but I have no experience with it.

I am not sure if SonicWall has finally addressed this issue but a major area for improvement would be being able to export the settings file in a non-binary readable and editable format. It is not possible to export, make changes and then upload a revised configuration. Since the settings file is binary and non-readable, it seems to always be suspect when any strange issues arise with the appliance. I have had their techical support many times through the years question whether our settings file was corrupt. Of course it would be very easy to know if it was possible to look at it but it’s binary.

Another issue we had was with SonicWall auto-creating firewall rules for VPN tunnels until I learned to disable that feature and not allow it. SonicWall will not let an admin delete an auto-created object. I personally believe an admin should be able to delete anything. We had cases where a VPN tunnel was deleted first and auto-created objects for the tunnel would get abandoned. Other objects can also get abandoned. A time or two I was able to delete abandoned objects by recreating what created them in the first place and then deleting things in the right manner to cause the auto-deletion of the objects. If that doesn’t work, you will need to restore from a backup settings file or live with the abandoned object(s). We made it a policy to always backup the settings before any change and again after the change with the file names of the settings files reflecting what was changed. It also helps to send an e-mail to the team or record in a ticket details on any changes made, e.g. screen shots of all changes. If the settings file becomes corrupt you will need to load a previous settings file. It will be helpful to have a previous version along with a record of all changes made since that settings file was saved. This is another example of how helpful it would be to be able to view the settings file, make changes and delete objects if needed and then reload it. It would be so much easier and faster.

I have used SonicWall products for about eleven years, these models for about eight years. They are near EOL.

Years ago, we would often have problems after firmware upgrades. Once after a firmware upgrade all firewall rules were still present except for HTTP and HTTPS which of course meant our web servers were dead until all the rules were recreated. We began to experience spontaneous reboots after another firmware upgrade. In recent years, they now issue early release firmware, often many versions of it, until they release a new general release. We never upgrade to early release and chose to only use general release after it’s been released for three months (true for all vendor firmware and software) and after we have searched for horror stories on the Internet. You can also open a tech support case and specifically ask the tech if the firmware is still considered a good and stable release. They will usually tell you honestly whether it is or not. We have had technical support tell us early release is tested and just as good as general release firmware while other technical support has told us it is not fully QA-tested and might cause problems. Using only general release firmware, our SonicWall has been rock solid and very stable for many years even when they were newer and had more frequent firmware releases.

We never tried to scale it.

SonicWall technical support is quite good. As with all contact with any technical support, I always document the issue, who I spoke to and their response. This can prove to be very valuable if trying to demonstrate a longstanding issue. It helps to have in hand previous dates, case numbers, names of previous tech support with notes on what they said and details on the previous attempts to fix things. For the most part, SonicWall technical support can quickly identify and resolve most issues.

We had a SonicWall 5060 PRO and upgraded to the SonicWall NSA 4500s. They are near EOL and another upgrade will soon be required.

I built them from scratch since our settings file in the 5060 PRO was suspected to have corruption. I documented all of the settings in the previous firewall and manually created all of the address objects, service objects, firewall and NAT rules to duplicate what was in the SonicWall 5060 PRO. I previously built the 5060 PRO so I knew it was configured correctly.

SonicWall absolutely has the best bang for the buck hands down. Other firewalls are two to three times as expensive both in initial cost and recurring maintenance cost. SonicWall does not require duplicate licenses if you have an HA-pair in Active/Passive mode since only one unit will be active at any given time, which is a big savings in cost compared to other vendors. If you buy a security bundle you get even greater savings. SonicWall does, however, license user VPN access unlike most other vendors.

It’s been so long ago I can’t remember.

At the time of this post SonicWall is now owned by private equity firm Francisco Partners and Elliott Management. I would research those firms and form an opinion as to the possible future of SonicWall and then decide accordingly. If you have already made your purchase, utilize tech support often if needed. They have been invaluable to me through the years and have always helped me in getting answers to any questions. They have always been there to assist me in setting up something new and unfamiliar when needed.

Our primary use case is at the perimeter of all of our customer's sites with all of the security services turned on. That is anti-malware, anti-spyware, geo IP filtering is an important thing for us, web filtering and the Capture ATP. We are looking at preventing downloading of any virus-infected files.

Geo-IP filtering has made a large impact on us and it is very important to us.

The most valuable features to us are the security services which is a critical factor in our deployment. Today we need to have all the security services enabled because firewalls are not enough.

When it comes to security I think all of the features are currently open to improvement.

I have been using SonicWall NSa for the past ten to fifteen years.

Technical support used to be very good and now we are dealing with long response times.  On a scale of one to ten today we are looking at a four or five instead of a nine or ten.

The setup is straightforward however you want to have a good technical support individual involved for proper deployment.

I would rate SonicWall NSa a nine out of ten as an overall solution in security.

Our use case is for firewall security. The solution is deployed on-premises.

It's an all-in-one solution. We can do the hosting and security all under one box. The UTM is a good feature.

The dynamics needs to be improved. The solution is not very compatible compared to the market products.

The solution is stable. We need only one or two people for maintenance.

It is scalable. We have around 100 users, and we have plans to increase usage.

Technical support is good.

Initial setup was easy. We mostly did the installation ourselves. One person is enough to complete the installation. Depending on the network, it only takes a couple of minutes to do because it's so simple.

I would give this solution 10 out of 10. I would recommend it to others; it's a good solution.

At the organization I used to work for, this solution was used as the primary perimeter firewall. We had 11 sites. Each site had a firewall that sat behind a router and did all the filtering.

The security features we pretty good. The antivirus and items of that nature were quite helpful to have.

The web sourcing was very good. 

The stability was very good.

We found the installation to be pretty straightforward.

Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much more user-friendly. 

What Fortigate has which SonicWall doesn't, is the per rule natting. SonicWall only does the central mapping. If they could include something like per rule natting it would be better.

I've used the solution for about three years or so.

The solution was very stable. There were no bugs or glitches. It didn't crash or freeze. It was reliable. There were no breaches.

The solution was quite scalable. If a company needed to expand it, it could do so.

We had 300 or so users at our organization using the product.

I do not work for the company anymore. I can't speak to their plans for the solution and if they plan to increase usage or not. 

I had experience with support in the past and I found them to be helpful and responsive. I was very pleased with their level of assistance.

I'm currently using Fortigate now. I switched companies and this company uses Fortigate.

The installation process isn't too difficult. It's pretty easy and rather straightforward. A company shouldn't have any trouble with the initial setup.

The time it takes to deploy depends on the company, however, I recall it only took about an hour or so at our organization. Physically, you might need help with the actual setup, however, for the most part, a person could handle it alone.

I was able to handle the process myself. I did not need the assistance of a consultant or integrator. 

Our organization would pay for a license every two to three years.

I was a customer and an end-user. I never had a professional relationship with SonicWall.

I would recommend the product to other organizations.

I'd rate the solution overall at a seven out of ten.

We are system integrators and we install products for our customers. It is mainly used in Universities, for corporate use, and in the government sector as a firewall.

What I like the most is that this is a one-time purchase with no renewal fees.

The stability is better than other products.

The pricing for this product in India is high and the fees should be reduced.

The visual process needs improvement.

Because of the price, our customers prefer PSA. The price is what needs to be addressed in the next release, it's the only that that matters.

I would rate this solution a five out of ten.

I have been using this solution for approximately 22 years.

This solution is stable.

This is a scalable product. As our customer need increases we plan to increase our usage.

Technical support is good and it is available online as well as offline.

Currently, I am using SonicWall and Wildcard.

The setup process was perfect.

It was straightforward and easy. This is not a complex product at all.

We handle the integration for our customers.

SonicWall is a one-time purchase and there is no renewal license.

I would not recommend this solution because the price is too high. More than 30% of our customers prefer PSA because of the price.

In summary, the product is good but the price is too high.

I would rate this solution a five out of ten.

Our operation depends heavily on Internet access and we depend on a solution that can provide us with productivity and security for the continuity of our business.
With this need, we implemented a SonicWall NSA firewall to control all access to and from the Internet.

With the deployment of the SonicWall NSA solution, we never suffered a problem due to invasion or contamination of any kind.

The solution always responded very efficiently, delivering us:

• High productivity in our operation through access control capabilities;
• Security for our information with advanced deep inspection features, including SSL traffic.

This solution has always delivered us security features with great efficiency like:

• Web content filter with a very extensive and always updated database;
• IPS with an extensive list of signature attacks;
• Anti-virus system with cloud sandbox that inspects 'file-less' attacks and delivers only after the verdict;
• Real time flow inspection system;
• Application Control with an extensive list of signatures;
• DPI-SSL inspection in the data layer;
• SSO with LDAP directory services.

The solution was deployed to suit all areas of the company.

This product is unable to secure access to endpoints for our external employees. Our next plan will be to deploy a solution for visibility and control of 'shadow IT' applications and also to provide security for accesses outside our company. We plan to use another solution from SonicWall, such as Cloud App Security (CASB), to meet the needs of our external employees.

The solution has always been very stable and efficient.

My impression is that the solution is quite scalable.

Support services are categorized by the criticality level. We had a few critical events, but each was attended quickly and efficiently.

Before this solution, we used Microsoft Forefront TMG Server.

We migrated because the solution was proxy-based and did not have the features of NG firewalls.

Initially, we had to review our security policy and this was the stage that involved the highest level of complexity.

With the policy defined according to our needs, the initial configuration of the solution was simple, but obviously, because it is an advanced-level security solution, it must be implemented by a specialized professional.

The solution was implemented by our internal team. Our team participated in an official solution training prior to deployment.

This question is very relative as we are dealing with an asset. But for our business, it was positive for a short period of time.

In our evaluation, we found that the costs of deploying the solution, and also purchasing the hardware and licenses, were very attractive.

The ratio of costs vs efficiency of SonicWall products is very good.

We did not test other solutions.

Our primary use case is as a corporate firewall, and to provide security for the network while allowing connectivity between multiple sites. We also use it as a VPN gateway for multiple users via SSL.

Our old firewall was running as HA (High Availability) on two different but identical rack mounted servers. Moving to SonicWall allowed the company to move to one unit, yet accommodate more connections because it had sixteen ports and handled fail-over better than the old firewall solution.

Compact 1u, 1/4 depth size. 16 x 10/100/1000 Mbps ports, fibre ready. Management interface that is relatively simple to figure out.

I feel that the SSL VPN client software needs a lot of improvement.

The NSA 2400 is used as our edge device. We subscribe to two services.

• Comprehensive Gateway Security Suite
• Anti Spam Service

The ability to configure the appliances for efficient usage.

• Content filtering
• Anti-Spam
• URL blocking
• Bandwidth management
  

• Content filtering reduces the load on the available bandwidth and restricts employees from using distracting websites on the job, which leads to more productive hours.
• Anti-Spam reduces unwanted mail on corporate exchange services.

After-sales support and hands-on training facilities are poor or not available in my country. Improving these will help users like me optimally manage and administer this solution.